Linux repositories inspector

libelf-devel - Development files for libelf

This package contains the headers and libraries needed to build applications that require libelf.
0.178
OpenSUSE iconOpenSUSE Tumbleweed
0.168
OpenSUSE iconOpenSUSE Leap 15.0
OpenSUSE iconOpenSUSE Leap 15.1
OpenSUSE iconOpenSUSE Leap 15.2
0.158
OpenSUSE iconOpenSUSE Leap 42.3
DistributionVersionSincePackageInstalledPackager
OpenSUSE iconOpenSUSE Leap 15.0 ossrpm0.168-lp150.2.482019-01-17737 kiB2.12 MiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 update/ossrpm0.168-lp150.3.3.12019-06-23732 kiB2.12 MiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 ossrpm0.168-lp151.3.642019-04-09724 kiB2.11 MiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 update/ossrpm0.168-lp151.4.3.12019-06-19727 kiB2.11 MiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.2 ossrpm0.168-lp152.5.642020-03-23727 kiB2.11 MiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 42.3 ossrpm0.158-12.152019-01-17265 kiB2.5 MiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Tumbleweed ossrpm0.178-1.12020-02-16800 kiB2.21 MiBhttps://bugs.opensuse.org

Manual pages

elf_begin(3)

elf_begin - Return descriptor for ELF file.

elf_clone(3)

elf_clone - Create a clone of an existing ELF descriptor.

elf_getdata(3)

elf_getdata - Get washed data of section

elf_update(3)

elf_update - update an ELF descriptor

Latest updates

OpenSUSE icon

OpenSUSE Leap 15.2 oss: Updated from 0.168-lp152.5.57 to 0.168-lp152.5.64

2020-03-23
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Leap 15.2 oss: Updated from 0.168-lp152.5.51 to 0.168-lp152.5.57

2020-03-19
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Leap 15.2 oss: Updated from 0.168-lp152.5.47 to 0.168-lp152.5.51

2020-02-19
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-3.4 to 0.178-1.1

2020-02-16
  • Re-add libelf1 to baselibs.conf: we still generate a libelf-devel-32bit, which is only installable if libelf1-21bit also exists.
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-3.3 to 0.177-3.4

2020-02-09
  • disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
  • dwelf_elf_e_machine_string.patch: Avoid spurious failure
OpenSUSE icon

OpenSUSE Leap 15.2 oss: Updated from 0.168-lp152.5.43 to 0.168-lp152.5.47

2020-02-04
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-3.2 to 0.177-3.3

2020-01-26
  • disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
  • dwelf_elf_e_machine_string.patch: Avoid spurious failure
OpenSUSE icon

OpenSUSE Leap 15.2 oss: Updated from 0.168-lp152.5.39 to 0.168-lp152.5.43

2020-01-17
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Leap 15.2 oss: Version 0.168-lp152.5.39 introduced

2020-01-07
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-3.1 to 0.177-3.2

2019-12-04
  • disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
  • dwelf_elf_e_machine_string.patch: Avoid spurious failure
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-2.3 to 0.177-3.1

2019-11-22
  • disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
  • dwelf_elf_e_machine_string.patch: Avoid spurious failure
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-2.2 to 0.177-2.3

2019-10-11
  • Modernize specfile and metadata.
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-2.1 to 0.177-2.2

2019-10-02
  • Modernize specfile and metadata.
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.177-1.1 to 0.177-2.1

2019-09-17
  • Modernize specfile and metadata.
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.176-4.2 to 0.177-1.1

2019-08-30
  • Update to version 0.177:
    elfclassify: New tool to analyze ELF objects.
    readelf: Print DW_AT_data_member_location as decimal offset.

    Decode DW_AT_discr_list block attributes.

    libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. libdwelf: Add dwelf_elf_e_machine_string.

    dwelf_elf_begin now only returns NULL when there is an error
    reading or decompressing a file. If the file is not an ELF file
    an ELF handle of type ELF_K_NONE is returned.

    backends: Add support for C-SKY.
  • remove fix-bsc-1110929.diff and gcc9-tests-Don-t-printf-a-known-NULL-symname.patch
  • Use %make_build
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.176-4.1 to 0.176-4.2

2019-07-16
  • Disable LTO (boo#1138796).
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.176-3.3 to 0.176-4.1

2019-07-10
  • Disable LTO (boo#1138796).
OpenSUSE icon

OpenSUSE Leap 15.0 update/oss: Version 0.168-lp150.3.3.1 introduced

2019-06-23
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Leap 15.1 update/oss: Version 0.168-lp151.4.3.1 introduced

2019-06-19
  • CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch:
    arlib-check-that-sh_entsize-isnt-zero.patch
  • CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088)
    Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch
  • CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087)
    Add patch: elflint-dont-check-section-group-without-flags-word.patch
  • CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch:
    libdw-check-end-of-attributes-list-consistently.patch
  • CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
    Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch
  • CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973)
    Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch
  • CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch
  • CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007)
    Add patch:
    libebl-check-NT_PLATFORM-core-notes.patch
  • CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086)
    Add patch: libelf-check-compression-before-allocate-output-buffer.patch
  • CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch
  • CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084)
    Add patch:
    readelf-fix-off-by-one-sanity-check.patch
  • CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726)
    Add patch:
    size-handle-recursive-elf-ar-files.patch
  • CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
OpenSUSE icon

OpenSUSE Tumbleweed oss: Updated from 0.176-1.1 to 0.176-3.3

2019-06-17
  • Update License tag to GPL-3.0-or-later, as requested by legal review.

Related packages

libelf - Libraries to handle ELF object files and DWARF debugging information
devel - Hydrogen header files
libelf-devel-32bit - Development files for libelf
⇧ Top